SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1059.007 JavaScript
The PDF document contains multiple embedded URLs, with a primary focus on lures related to hacking Roblox accounts. The ML classifier flagged this PDF as malicious, and the presence of a 'download button' heuristic further supports a malicious intent. While no scripts were explicitly extracted, the document's structure and embedded URIs suggest it's designed to trick users into navigating to potentially harmful external resources.
Machine Learning
- Nyx PDF Classifier malicious score 0.7795
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/how-do-u-hack-someones-account-on-roblox PDF link annotation
- http://businessmart.ro/images/how-do-i-get-free-robux-easy.pdfIn PDF document text
- https://www.iadh.bi/images/get-free-robux-denis.pdfIn PDF document text
- https://corbo.ru/images/hacked-roblox-account-and-banned.pdfIn PDF document text
- http://www.cosver.nl/images/free-roblox-wallpaper.pdfIn PDF document text
- https://pa-waingapu.go.id/images/2021-roblox-hack-no-adfly.pdfIn PDF document text
- http://instrutech.co.th/images/i-will-hack-and-kill-you-parent-roblox-group.pdfIn PDF document text
- http://www.inservis.cl/images/free-promocode-roblox-november.pdfIn PDF document text
- http://loszavera.com/images/roblox-fe-btools-script-hack.pdfIn PDF document text
- http://alexandrion.com/images/aimbot-roblox-free.pdfIn PDF document text
- http://poltekkeskhjogja.ac.id/images/roblox-hacker-skin-transparent.pdfIn PDF document text
- http://paro.net.ua/images/how-to-hack-roblox-for-beginners.pdfIn PDF document text
- http://arcnjournals.org/images/how-to-get-free-robux-on-computer-hack-inspecting.pdfIn PDF document text
- http://www.torvet11.dk/images/2021-roblox-reach-hacks.pdfIn PDF document text
- http://ivanitskyvs.ru/images/roblox-mods-free.pdfIn PDF document text
- http://stomatolog-choszczno.pl/images/gg-robux-free-generator.pdfIn PDF document text
- http://plantas.net/images/roblox-robux-hack-free-robux-generator.pdfIn PDF document text
- https://gafaseo.com/images/free-roblox-accounts-2021-april.pdfIn PDF document text
- https://koeltotaal.com/images/red-kine-cheat-roblox.pdfIn PDF document text
- https://waterpark.by:443/images/how-to-do-script-hacks-on-roblox.pdfIn PDF document text
- http://jenne-technik.de/images/royale-high-roblox-outfit-hacks.pdfIn PDF document text
- https://www.abrapppe.org.br/images/80-robux-for-free.pdfIn PDF document text
- https://www.millatgears.com/images/free-roblox-account-generator-old-accounts.pdfIn PDF document text
- https://www.millatgears.com/images/how-to-get-free-bucks-in-adopt-me-roblox-2021.pdfIn PDF document text
- http://mmech.com/images/wwwmyrealgamescom-genres-freegamesdownload-index3html-roblox.pdfIn PDF document text
- https://sanjoseelectricians.net/images/hack-for-assasin-roblox.pdfIn PDF document text
- http://www.adravietnam.org/images/is-hacking-on-roblox-illegal.pdfIn PDF document text
- https://gryps.de/images/how-to-make-acount-for-intriga-roblox-hack.pdfIn PDF document text
- http://infoagronomia.com.ar/images/hacking-in-to-deniss-roblox-account.pdfIn PDF document text
- http://modenese.net/images/how-to-get-free-robux-2021-may-12-no-websites.pdfIn PDF document text
- http://biotronics.com.cy/images/how-to-hack-on-roblox-btools.pdfIn PDF document text
- http://ohsawamacrobiotics.com/images/how-do-i-get-robux-for-free-without-paying-dollars.pdfIn PDF document text
- http://babyxpress.de/images/how-to-hack-on-roblox-deinsdaily.pdfIn PDF document text
- http://linens.kiev.ua/images/roblox-set-hack-com.pdfIn PDF document text
- https://verdensbarn.no/images/earn-robux-for-freecom.pdfIn PDF document text
- http://gods-own.org/images/code-hack-nick-roblox.pdfIn PDF document text
- https://zapoj-kharkov.com.ua/images/roblox-cheats-how-to-get-free-vip.pdfIn PDF document text
- http://unc-europe.com/images/roblox-apocalypse-rising-spawn-hack.pdfIn PDF document text
- https://pneukalousek.cz/images/robux-generator-for-free.pdfIn PDF document text
- http://www.lovecraftiana.com.ar/images/roblox-1x1x1x1-hack-music.pdfIn PDF document text
- http://pa-bengkulukota.go.id/images/zoo-tycoon-cheats-roblox.pdfIn PDF document text
- http://xn--hrtetechnik-steinbach-51b.de/images/free-robux-money-no-human-verification.pdfIn PDF document text
- http://www.brtes.com/images/free-online-games-for-toddlers-age-4-like-roblox.pdfIn PDF document text
- https://www.olboys.it/images/roblox-hack-robux-ohne-handynummer.pdfIn PDF document text
- http://xn--apartementos-smfora-cala-ratjada-4vc.de/images/dank-roblox-hacks.pdfIn PDF document text
- https://www.brainpads.com/images/free-robux-gameguardian.pdfIn PDF document text
- http://dos.most.gov.la/images/i-got-free-robux.pdfIn PDF document text
- https://kimolos-link.gr/images/f12-hack-roblox.pdfIn PDF document text
- https://gzog.pl/images/redeem-free-robux-code.pdfIn PDF document text
- http://www.mediaxin.net/images/cheat-roblox-lumber-tycoon-2-terbang.pdfIn PDF document text
+12 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off000081c0.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x81C0 | 24028 bytes |
SHA-256: fd84a6ed22cd2ff55bae34b8c63e45ad16914c9231fe3285511a5c48c00e5554 |
|||
font_01_sfnt_off0000b843.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xB843 | 18772 bytes |
SHA-256: afebdc5a721d3173df4aab6a326a91b6fda3c768deb320703f89d7eefbbbdfaa |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.